#!/bin/sh
#
# usage:  import-cert.sh remote.host.name [port]
#
REMHOST="$1"
REMPORT="${2:-443}"
exec 6>&1
exec > "$REMHOST"
echo | openssl s_client -connect "${REMHOST}":"${REMPORT}" 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
certutil -d sql:"$HOME"/.pki/nssdb -A -t TC -n "$REMHOST" -i "$REMHOST"
exec 1>&6 6>&-
